Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/pTFcPAsl3ig45P8UIlHFZxBEV74.roa
File: pTFcPAsl3ig45P8UIlHFZxBEV74.roa (raw, json)
Hash identifier: EBen8kzNkvZmV0vCJdgRBHoLx4Rm1Q4eLsGslo1Rh3g=
Subject key identifier: A5:31:5C:3C:0B:25:DE:28:38:E4:FF:14:22:51:C5:67:10:44:57:BE
Certificate issuer: /CN=66e92c341e769443fde1d27566044b4b65159060
Certificate serial: 11F9D148
Authority key identifier: 66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/pTFcPAsl3ig45P8UIlHFZxBEV74.roa
Signing time: Tue 29 Mar 2022 10:13:28 +0000
ROA not before: Tue 29 Mar 2022 10:13:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205072
IP address blocks: 185.149.108.0/22 maxlen: 24
109.109.128.0/20 maxlen: 24
45.155.21.0/24 maxlen: 24
45.155.20.0/22 maxlen: 22
195.5.176.0/24 maxlen: 24
45.137.36.0/22 maxlen: 22
87.239.16.0/21 maxlen: 24
45.147.88.0/22 maxlen: 22
193.22.80.0/24 maxlen: 24
195.5.161.0/24 maxlen: 24
195.5.170.0/24 maxlen: 24
195.5.168.0/24 maxlen: 24
2a0d:da00::/29 maxlen: 29
2a0d:da00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 301584712 (0x11f9d148)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66e92c341e769443fde1d27566044b4b65159060
Validity
Not Before: Mar 29 10:13:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5315c3c0b25de2838e4ff142251c567104457be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e9:b0:6d:37:8c:bf:fc:ee:f1:f9:cc:d2:4c:
56:ff:5d:0c:cc:1a:1e:67:19:f1:1a:35:8d:0e:25:
bc:7a:7f:03:0b:1a:1e:42:6c:52:b8:6f:5f:f3:4b:
78:f1:a0:8d:7e:e3:4b:7f:23:e4:f6:4a:c5:db:0e:
67:6f:09:64:bf:23:26:d6:15:c4:63:1f:bb:95:cd:
b3:d2:a0:29:f4:72:9e:25:4f:c2:b4:7d:48:6c:de:
b4:28:e0:81:5a:94:2a:f3:b4:96:27:c9:77:f6:9c:
5c:0a:fc:fe:5a:2f:c5:70:15:eb:7c:d2:a7:76:57:
42:7c:f9:df:0b:bd:97:7d:c7:d9:d9:0b:ee:ce:dc:
50:10:03:58:80:f8:44:19:b4:79:37:67:d4:14:ca:
da:69:68:8d:a7:33:7a:d5:65:de:78:2c:a8:63:37:
6c:3b:31:77:c0:a6:9b:71:da:79:36:c5:42:c0:96:
db:93:34:ec:3a:11:50:4f:d3:b1:b6:e3:1c:8b:22:
bc:6f:ff:e5:7b:6c:70:65:4a:2b:02:41:23:06:2a:
ea:58:68:8c:d6:11:53:8f:46:0f:7d:74:7f:af:51:
a0:9e:21:c9:5c:6d:8a:e4:7d:53:be:14:97:80:08:
5c:1e:c6:8d:95:6a:2c:ea:c0:f1:55:cf:7e:23:57:
3c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:31:5C:3C:0B:25:DE:28:38:E4:FF:14:22:51:C5:67:10:44:57:BE
X509v3 Authority Key Identifier:
keyid:66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/pTFcPAsl3ig45P8UIlHFZxBEV74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.36.0/22
45.147.88.0/22
45.155.20.0/22
87.239.16.0/21
109.109.128.0/20
185.149.108.0/22
193.22.80.0/24
195.5.161.0/24
195.5.168.0/24
195.5.170.0/24
195.5.176.0/24
IPv6:
2a0d:da00::/29
Signature Algorithm: sha256WithRSAEncryption
29:c9:3b:57:95:9b:c5:2e:e8:4b:fd:25:d9:08:d2:97:3d:ee:
a6:16:fa:08:bf:4b:8a:de:9a:49:cb:53:0d:6d:3d:4a:20:34:
9f:30:4b:a7:52:8a:b5:dc:39:b7:ee:e7:bd:a9:93:52:6e:50:
54:46:d7:7b:49:27:d4:67:b8:41:ba:ae:90:39:04:b6:1b:ee:
78:8e:da:0c:e1:ac:ca:4d:9b:d6:24:8b:aa:c8:29:1e:3d:e6:
ee:60:eb:01:ac:95:38:32:50:77:aa:0d:17:3c:c8:82:e3:e9:
7f:75:48:32:2c:a0:5f:ba:ec:df:74:49:65:4b:0c:bb:18:22:
1a:01:7d:0f:f0:6a:6a:67:00:cb:dc:1e:05:49:8b:0a:f7:48:
11:0e:32:8c:0f:9a:3d:b1:ed:d7:19:91:16:93:d7:6f:e5:c8:
42:36:7b:24:16:a7:d0:7d:46:bd:7d:82:07:c8:ac:9b:9f:99:
bc:fe:57:e0:bb:11:fa:ce:9e:ed:b6:ad:cb:84:a8:0a:8c:6d:
19:9a:40:3e:1e:76:ab:5e:16:80:33:a8:1d:1e:93:5d:d7:a8:
3f:70:1f:22:3e:2a:0c:1e:8b:3a:1f:1b:45:9b:24:7a:d6:64:
c5:0d:95:52:77:02:12:f1:6a:6c:44:fa:e0:9c:db:bd:f0:b9:
bd:d4:52:e5
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEEfnRSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NmU5MmMzNDFlNzY5NDQzZmRlMWQyNzU2NjA0NGI0YjY1MTU5MDYwMB4XDTIyMDMy
OTEwMTMyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUzMTVjM2MwYjI1
ZGUyODM4ZTRmZjE0MjI1MWM1NjcxMDQ0NTdiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKDpsG03jL/87vH5zNJMVv9dDMwaHmcZ8Ro1jQ4lvHp/Awsa
HkJsUrhvX/NLePGgjX7jS38j5PZKxdsOZ28JZL8jJtYVxGMfu5XNs9KgKfRyniVP
wrR9SGzetCjggVqUKvO0lifJd/acXAr8/lovxXAV63zSp3ZXQnz53wu9l33H2dkL
7s7cUBADWID4RBm0eTdn1BTK2mlojaczetVl3ngsqGM3bDsxd8Cmm3HaeTbFQsCW
25M07DoRUE/TsbbjHIsivG//5XtscGVKKwJBIwYq6lhojNYRU49GD310f69RoJ4h
yVxtiuR9U74Ul4AIXB7GjZVqLOrA8VXPfiNXPKsCAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBSlMVw8CyXeKDjk/xQiUcVnEERXvjAfBgNVHSMEGDAWgBRm6Sw0HnaUQ/3h
0nVmBEtLZRWQYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p1a3NOQjUybEVQOTRkSjFaZ1JMUzJVVmtHQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTkvOGYxOTY4LWE3OWEtNGEwNy1hY2U2LWMxZDI5NmY4ZmQwNy8x
L3BURmNQQXNsM2lnNDVQOFVJbEhGWnhCRVY3NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTkv
OGYxOTY4LWE3OWEtNGEwNy1hY2U2LWMxZDI5NmY4ZmQwNy8xL1p1a3NOQjUybEVQ
OTRkSjFaZ1JMUzJVVmtHQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEAi2JJAMEAi2TWAMEAi2bFAMEA1fv
EAMEBG1tgAMEArmVbAMEAMEWUAMEAMMFoQMEAMMFqAMEAMMFqgMEAMMFsDANBAIA
AjAHAwUDKg3aADANBgkqhkiG9w0BAQsFAAOCAQEAKck7V5WbxS7oS/0l2QjSlz3u
phb6CL9Lit6aSctTDW09SiA0nzBLp1KKtdw5t+7nvamTUm5QVEbXe0kn1Ge4Qbqu
kDkEthvueI7aDOGsyk2b1iSLqsgpHj3m7mDrAayVODJQd6oNFzzIguPpf3VIMiyg
X7rs33RJZUsMuxgiGgF9D/BqamcAy9weBUmLCvdIEQ4yjA+aPbHt1xmRFpPXb+XI
QjZ7JBan0H1GvX2CB8ism5+ZvP5X4LsR+s6e7baty4SoCoxtGZpAPh52q14WgDOo
HR6TXdeoP3AfIj4qDB6LOh8bRZsketZkxQ2VUncCEvFqbET64JzbvfC5vdRS5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:17 2024 by rpki-client on console-ams.rpki-client.org